Displaying 2 results from an estimated 2 matches for "xauth_exec_t".
2012 Jan 13
1
SELinux and rsh+xauth
...n/xauth: Permission denied
and /var/log/audit/audit.log shows the following errors :
type=SELINUX_ERR msg=audit(1326381080.364:610): security_compute_sid: invalid context system_u:system_r:xauth_t:s0-s0:c0.c1023 for scontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xauth_exec_t:s0 tclass=process
type=AVC msg=audit(1326381080.364:610): avc: denied { write } for pid=3487 comm="xauth" path="pipe:[21744]" dev=pipefs ino=21744 scontext=system_u:system_r:xauth_t:s0-s0:c0.c1023 tcontext=system_u:system_r:rshd_t:s0-s0:c0.c1023 tclass=fifo_file
type=AVC ms...
2015 Jul 09
3
C-6.6 - sshd_config chroot SELinux issues
..._t self:netlink_route_socket create;
allow chroot_user_t self:tcp_socket create;
allow chroot_user_t self:udp_socket create;
allow chroot_user_t user_devpts_t:chr_file open;
allow chroot_user_t user_home_t:chr_file { read write };
#!!!! This avc is allowed in the current policy
allow chroot_user_t xauth_exec_t:file getattr;
#============= xauth_t ==============
allow xauth_t chroot_user_t:process sigchld;
# getsebool -a | grep ssh
allow_ssh_keysign --> off
fenced_can_ssh --> off
ssh_chroot_full_access --> on
ssh_chroot_manage_apache_content --> off
ssh_chroot_rw_homedirs --> on
ssh_sys...